181 matches found
PT-2024-4551 · Google +6 · Google Chrome +6
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 126.0.6478.126 Microsoft Edge affected versions not specified Description: The issue is related to a use after free in the Dawn component, which can be exploited by a remote attacker using a crafted HTML page t...
PT-2024-26159 · Unknown · Pluginops Landing Page Builder
Name of the Vulnerable Software and Affected Versions: PluginOps Landing Page Builder versions through 1.5.1.8 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations:...
PT-2024-29763
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel related to the virtio-pci module. The issue involves the vp dev-is avq function being empty in certain installations, specifically...
PT-2024-25925 · Clario · Clario
Name of the Vulnerable Software and Affected Versions: Clario through 2024-04-11 for Desktop Description: The issue is related to weak permissions for the %PROGRAMDATA%Clario directory and the attempt to load DLLs from this location as SYSTEM. Recommendations: For Clario through 2024-04-11 for...
PT-2024-3086 · Google +6 · Google Chrome +6
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 124.0.6367.60 Microsoft Edge affected versions not specified Description: The issue is related to an inappropriate implementation in the Autofill feature, allowing an attacker to perform UI spoofing via a craft...
PT-2024-3172 · Microsoft · Odbc Driver For Sql Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft ODBC Driver for SQL Server affected versions not specified Description: The issue is related to a buffer overflow in dynamic memory in the Microsoft ODBC Driver for SQL Server. This can allow a remote attacker to execute arbitrary...
PT-2024-21775 · Ibm · Ibm Db2
Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server versions 10.5, 11.1, and 11.5 Description: The issue is related to a denial of service condition that can be triggered with a specially crafted query under certain conditions...
PT-2024-2406 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda AC15 versions 15.03.05.18 through 15.03.20 multi Description: A critical issue affects the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed dir leads to a stack-based buffer overflow. This...
PT-2024-2436 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.19 and earlier Description: The issue is related to a stored Cross-Site Scripting XSS vulnerability that could allow an attacker to inject malicious scripts into vulnerable form fields. This could lead to...
PT-2024-21976 · Supercali · Supercali
Name of the Vulnerable Software and Affected Versions: SuperCali version 1.1.0 Description: A reflected cross-site scripting XSS issue exists, allowing remote attackers to execute arbitrary JavaScript code via the email parameter in the "bad password.php" page. This could potentially affect a...
PT-2024-14631 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free UAF issue has been resolved in the Linux kernel. The pmif driver data, which contains clocks, is allocated along with spmi controller. When a device is removed, spmi...
PT-2024-1837 · Google +5 · Google Chrome +5
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 122.0.6261.57 Microsoft Edge affected versions not specified Description: The issue is related to insufficient policy enforcement in the Download component, allowing a remote attacker to bypass existing securit...
PT-2024-2834 · Moodle · Moodle Lms
Name of the Vulnerable Software and Affected Versions: Moodle LMS affected versions not specified Description: The issue is related to inadequate access control in the Moodle Learning Management System. This could allow a user with a student role to create arbitrary events intended for users with...
PT-2024-1681 · Unknown · Aria Operations For Networks
Name of the Vulnerable Software and Affected Versions: Aria Operations for Networks affected versions not specified Description: The issue is related to a cross-site scripting vulnerability. A malicious actor with admin privileges can inject a malicious payload into the login banner, potentially...
PT-2024-14403 · Unknown · Downloadprovidermain
Name of the Vulnerable Software and Affected Versions: DownloadProviderMain module affected versions not specified Description: The issue concerns a vulnerability in permission verification for APIs within the DownloadProviderMain module. Successful exploitation of this vulnerability may affect...
PT-2024-1033 · Microsoft · Common Log File System +1
Name of the Vulnerable Software and Affected Versions: Microsoft Common Log File System affected versions not specified Description: The issue is related to insufficient access control in the Common Log File System CLFS of Windows operating systems. Exploitation of this issue may allow an attacke...
PT-2024-14469 · Cformsii · Cformsii
Name of the Vulnerable Software and Affected Versions: cformsII versions through 15.0.5 Description: The issue affects cformsII, allowing Stored XSS due to improper neutralization of input during web page generation. This is a Cross-site Scripting vulnerability. Recommendations: For versions...
PT-2024-1013 · Google +5 · Angle Library +6
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 120.0.6099.199 Microsoft Edge affected versions not specified Description: The issue is related to a use after free in the ANGLE library, which can be exploited by a remote attacker who has compromised the...
PT-2023-9116 · Tenda · Tenda I6
Name of the Vulnerable Software and Affected Versions: Tenda i6 version 1.0.0.83856 Description: The issue is related to a buffer overflow vulnerability in the Wi-Fi router's microprogram, specifically in the /goform/WifiMacFilterSet component. This vulnerability can be exploited by a remote...
PT-2023-28065 · Ivanti · Ivanti Avalanche
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche affected versions not specified Description: The issue concerns incorrect default permissions in Ivanti Avalanche, allowing for local privilege escalation. Recommendations: At the moment, there is no information about a newer...